CVE-2020-7675 · Vexday

CVE-2020-7675

EPSS 2.5%

cd-messenger through 2.7.26 is vulnerable to Arbitrary Code Execution. User input provided to the `color` argument executed by the `eval` function resulting in code execution.

Affected products

n/a · cd-messenger

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →

References

https://snyk.io/vuln/SNYK-JS-CDMESSENGER-571493